Meta

Tag: DNS Servers

One of the facts about modern computing which many people take for granted, is a LAN which can be browsed. Without such an ability, a Local Area Network only consists of IP addresses, and unless we have made special preparations otherwise, those IP addresses can also be reassigned by our router. Yet, this view of the LAN has prevailed under Linux for some time, where specific services need to be configured with text-files, and where users have made entries in the file ‘‘, such that specific host-names are associated with specific IP addresses, that are defined manually.

There exists a Linux solution to this problem, which can be installed with the package ‘‘. In short, this daemon provides in a Linux-friendly way, what the old ‘‘ used to provide under Windows. It associated packages, ‘‘, ‘‘, and ‘‘ , provide a GUI that allows the local computer to browse graphically. Additionally, the package ‘‘ allows for the host-names on the LAN to receive the suffix ‘‘, so that regular Linux programs can refer to those host-names and connect to their IP addresses transparently, without requiring manual configuration.

Some people have noted problems getting this latter feature to work, but on my LAN, it just seems to work out-of-the-box.

It should be noted though, that if we install this to a computer which is not used to it, there can be some stability issues, and ‘‘ may not be compatible with arrangements some users have already made, to resolve their host-names. There was a specific problem I ran in to myself, after installing this on a laptop, according to which a list of available printers had become unstable, as viewed from one application.

In This Earlier Posting, I wrote that I was setting up an old, garbage-grade laptop, to connect entirely through Tor. And one of my motivations has to do with the USB-stick, in that I am trying to establish that this USB-stick cannot really be of such immense benefit to whoever is using it, as is claimed, and that therefore, Edward Snowden cannot also have gotten much use out of .

Further, I think we can see that in recent years, the way in which PCs react to inserted, ‘ USB-sticks’ has also changed, so that our chances of finding a host machine which will boot from such a pen-drive, but without the consent or knowledge of its owner, are also quite slim. An actual laptop bypasses that problem.

What I think I found, was that most of the services which we could connect to – including IRC Servers – detect that we are connecting to them from a remote IP address that belongs to a Tor gateway – a so-called “Exit-Node” – and if we are authenticated, bans the user, or otherwise just blocks the user.

What I had written though, was that in addition to being able to use the Web-browser, I wanted my own laptop to be able to perform one additional task. And so I had found that a mailbox service exists called , and that it runs its own Tor Exit-Node internally, for which reason we could send and receive email with them, once we have set up and paid for an account.

What I discovered, is that this not only works in theory, but actually does in practice. We need to install an ‘‘ extension named “” to get that to work, but it does finally work.

To explain in lay-terms what this means, I need to mention that the local IP addresses which computers have on a LAN do exist, in addition to which Windows has introduced its own way of giving the local computers names. Linux can mimic how this works, using its ‘Samba’ software suite, but also tries to avoid ‘NetBIOS’ (naming) as much as possible, outside of Samba network browsing, or ‘copying-and-pasting of files, between computers on a LAN’.

Just like domain-names need to be resolved into IP addresses on the Internet, which is the WAN to this LAN – the Wide-Area Network – on the Local Area Network, computer-names also need to be resolved into IP addresses, before the computers can actually ‘talk to each other graphically’. Traditionally, Windows offered its whimsical mechanism for doing so, which was named NetBIOS, by which any and every computer could act as the WINS server – thus offering its repository of LAN locations to the WINS clients, but alternatively, there could also exist one dedicated WINS server.

What I had grown used to, was that on my LAN, the router would insist that it be my WINS server, thus ‘not trusting’ any of my Linux boxes to do so in some way. I therefore had to defer to this service, as provided by the router.

I had previously set my ‘/etc/samba/smb.conf‘ to

wins support = no
dns proxy = yes

Well as of Wednesday, the LAN had suddenly ‘looked different’ according to client-browsers. Each computer had suddenly remained aware only of its own identity, with no Workgroup of other computers to network with.

This was all happening, while my connection to the WAN still seemed secure and operative.

Long story short, I think that my ISP may have performed the Firmware Update, and that according to the new firmware version, the router was suddenly not willing to provide this service anymore. And so what I felt I had to do next, was change these settings back to

wins support = no
dns proxy = no

Now that I have done so, each computer can ‘see’ my whole Workgroup again – which was apparently not feasible according to earlier experiences.

Further, for laypeople I might want to emphasize, that it is not just a frivolous exercise of mine, to give each computer a name. If they did not have names, then according to the screen-shot below, I would also not be able to tell them apart, since they all have the same icon anyway:

Now I suppose that an inquiring mind might ask, “Since Linux can imitate Windows, why does Dirk not just set ‘wins support = yes‘ as well?” My answer to this hypothetical question would be, that

According to common sense, this option will just make the current machine available, as a potential WINS Server, but

In my practical experience, the LAN will interpret this as more of an imperative gesture, of a kind that will actually cause a feud to break out between the machines.

In my experience, if I even set one of my Linux machines to do this, all the other Linux machines will refer to its repository of (4) LAN names, the others becoming clients, but the Windows 7 machine named ‘Mithral’ will refuse to have it. In this case, Mithral will insist that it must be the WINS Server, and not some Linux box. And then, further logic-testing of which machines can see which, will reveal that in practice, I must leave this option switched off, if there is also to be any Windows machine to share the LAN with.

On the laptop I name ‘Klystron’, I have kernel version ‘‘, and the misfortune of a WiFi chip-set that uses the kernel module ‘‘ with its companion kernel modules. Fortunately, I believe that it finally, fully stable!

I think that the most important detail on my part to getting this kernel module stable, was to add the file ‘‘ to contain the following code:

options rtl8723be fwlps=0
options rtl8723be swlps=0

Yet, as a series of blog postings already shows, it was not so quick and easy to obtain stability. One reason I think that my WiFi was failing on me recently, was my persistence in trying to put the laptop to Sleep, aka “Suspend To RAM”. This was never fully supported, and after Resuming from this sort of suspend mode, the WiFi would always be unstable. The only way I had to remedy this, was to change my user-level configuration, never to put the laptop to Sleep again.

Even with the WiFi supposedly stable in this way, the malfunction remains, that for any duration of time I close the laptop lid, the WiFi temporarily cuts off, which I think is a problem with the antenna. My solution: Leave the laptop idling, with its lid open. The result: Days and days of steady connection. Some small amount of dust on the laptop keyboard.

But there seemed to have been another problem with my WiFi specifically. The modem-router which I rent from Bell seems to have a specific policy. It sets itself to be the DNS server for my LAN, which downloads the IP addresses from its DNS parent. The WiFi router seems to have a zero-tolerance policy, if any computers try to bypass it as my DNS server. And this problem can be so strict, that even to have my LAN machines act as server, will cause problems and stability issues, which mimic hardware WiFi disconnection issues.

In my ‘‘, I needed to set

wins support = no
dns proxy = yes

Otherwise, the member servers would fail to see each other as Samba-connected, and finally lose their connection altogether.

Further, I had scripted the idea into my configuration files, to prepend IP address 8.8.8.8 as an additional DNS server into ‘‘ on boot-up, just hoping to obtain wider connectivity. But then one additional problem with that was, that this public DNS server would suggest IPv6 addresses in addition to IPv4, and that even though my user-level settings for the network said to ignore IPv6 addresses, a malfunction in the kernel – which has not bee remedied – would cause the WiFi client to try to request the IPv6 addresses anyway. My user-level settings were being ignored.

Thus, I think that getting rid of the 8.8.8.8 was instrumental in achieving stability. Since this router does not tolerate IPv6, and since it is now my only DNS server, there is no risk of IPv6 addresses ever getting mentioned on my LAN.

On that note: It is normal on a dual-stack machine, for each NIC to have an IPv4 as well as a local, “Link” IPv6 address. But I think that one aspect in which the behavior of Ethernet cards is different from WiFi, is that the Ethernet card will not try to use its IPv6 address, because that will recognize this is not a global address, which would need to be assigned by the router. It would only try to use its “link” IPv6, if it was to try to connect directly to another machine on my LAN. OTOH, It would seem that a WiFi chip-set will not recognize that its IPv6 is invalid, and will ask for “Global” IPv6 addresses.

This can be an embarrassment, if the router did not specify any, and if the router assumes that it is the only DNS server.